General

  • Target

    26bf96d8a95dcbc0f5f8317adbac3b4e_JaffaCakes118

  • Size

    126KB

  • Sample

    240329-tthwbach34

  • MD5

    26bf96d8a95dcbc0f5f8317adbac3b4e

  • SHA1

    853b7f12f6dd07834971c4f72ecb9ea9ca925bd1

  • SHA256

    b8fd5494786a392565ffe16d76be6ba6b8c6abbb2a7eae219e7fa67fb2b058e6

  • SHA512

    970be9496e3b3869d4d262b4fb8ca3f3efac27adc60093a585a4e775891a32bb50e575e47bca595fb19907ca22082cbe7e90a026c24cb6c4da948c5250bf40b4

  • SSDEEP

    3072:6jVlyaL5JCrIpv04sXbttiEiTmP46aQyfPlfKsNb:yoCJCN4sXbHemP46aQyfPlfKsNb

Score
10/10

Malware Config

Targets

    • Target

      26bf96d8a95dcbc0f5f8317adbac3b4e_JaffaCakes118

    • Size

      126KB

    • MD5

      26bf96d8a95dcbc0f5f8317adbac3b4e

    • SHA1

      853b7f12f6dd07834971c4f72ecb9ea9ca925bd1

    • SHA256

      b8fd5494786a392565ffe16d76be6ba6b8c6abbb2a7eae219e7fa67fb2b058e6

    • SHA512

      970be9496e3b3869d4d262b4fb8ca3f3efac27adc60093a585a4e775891a32bb50e575e47bca595fb19907ca22082cbe7e90a026c24cb6c4da948c5250bf40b4

    • SSDEEP

      3072:6jVlyaL5JCrIpv04sXbttiEiTmP46aQyfPlfKsNb:yoCJCN4sXbHemP46aQyfPlfKsNb

    Score
    7/10
    • Changes its process name

    • Modifies Watchdog functionality

      Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

    • Reads system routing table

      Gets active network interfaces from /proc virtual filesystem.

MITRE ATT&CK Enterprise v15

Tasks